These aren't email addresses with passwords to those accounts, they're the email address and password someone used to sign up for some random, unknown website. Without knowing what website, most of these combos are worthless. It might have been a hack of the server, but chances are it's just some DB (and not DataBase) admin who published his user list. If you're using the same email address to register for websites, make sure you don't use your password for that email address when you register.